Pete has 32 years of Security, Network, and MSSP experience and has been a hands-on CISO for the last 17 years and joined Check Point as Field CISO of the Americas. Pete’s cloud security deployments and designs have been rated by Garter as #1 and #2 in the world and he literally “wrote the book” and contributed to secure cloud reference designs as published in Intel Press: “Building the Infrastructure for Cloud Security: A Solutions View.”
In this interview, Check Point’s Field CISO, Pete Nicoletti, shares perspectives around cyber security consolidation. In our complex threat landscape, consolidating security can increase efficiency and enhance threat prevention capabilities. Discover the advantages and challenges associated with a consolidated approach and leverage these insights to make informed decisions pertaining to your strategy. Don’t miss these valuable insights.
In challenging times, CISOs are looking closely at their tool sets and seeing if there is overlap, or redundant tools, or underutilized tools. CISOs are also evaluating their “play-books” to ensure that the tools in-use are efficient and streamlined. CISOs are also keen to negotiate ELAs that give them lower costs with flexibility to choose from a suite of tools to support the “speed of business.”
Security teams need to be trained and certified on their tools in use, and those budgets are under pressure. All these drivers lead to tool consolidation projects. Our customers are frequently very pleased with the normally mutually exclusive benefits: Costs savings and better efficacy, once a consolidation program is launched.
Losing features when consolidating is a valid concern, however, typically we find more advantages after consolidation: Lower training costs, higher staff satisfaction, fewer mistakes made, and the real gem; higher security program efficacy. We also see our customers leveraging the cloud and needing to extend their security protections quickly and easily, and our Check Point portfolio supports this using one console. With all the news about our peers contending with exploited security vulnerabilities and other challenges, Check Point is continuing to gain market share and supporting happy customers.
The number one consideration should be efficacy of the program. CISOs are realizing that very small differences in efficacy lead to very large cost savings. The best security tool for the job should always be selected knowing this. An inventory of tools and the jobs they are doing should be created and maintained. Frequently, CISOs find dozens of tools that are redundant, overlap with others, add unnecessary complexity, and that are poorly deployed or managed and not integrated into the program. Once the inventory is completed, work with your expert consultant or reseller to review and find redundancies or overlaps and kick-off a program to evaluate technical and cost benefits.
As mentioned previously, the number one goal of the program should be improving efficacy and our customers do report this. Efficacy lowers the number of false positives, lowers the number of real events and decreases overall risk. Other savings are found with lower training costs, faster run book execution, fewer mistakes and the ability to free up security analysts from wasting time on inefficient processes. Those analysts can now be leveraged into more productive efforts and ensure that the business growth and strategies are better supported.
Any significant change in your tool set needs careful consideration and evaluation. Every new tool needs to be tested in lab and moved, as appropriate, into production. You need to find all the gotcha’s with any new tool going inline before they cost impact.
Don’t rush this testing step! Ensure that you have good measurements of your current program so you can easily determine improvements with new tools or consolidation efforts.
Ensure that the solutions you are using are fully deployed and optimized. We frequently uncover many tools that are underutilized and ineffective. Sit with your staff and watch their work. If they are cutting and pasting, logging into and out of multiple tools, not having the time to address every alert, or are making excessive mistakes, it may be time to have Check Point come in and do a workshop. Our very experienced team will review the current program and provide thoughts and ideas to improve the program. Even if consolidation is not selected, other findings may help improve the program!
Every security program is different, and your challenges are unique. But, you can’t know everything, so, consider working with your trusted partners and invite Check Point in to do a free discovery workshop. Cloud maturity, consolidation program consideration, Zero Trust program formulation, and many others are available. As a CISO, you may have some initiatives that need extra validation, and we are standing by to help propel your program.
To achieve an even stronger cyber security posture, be sure to read Check Point’s whitepaper: The Case for a Prevention-First Approach.
Lastly, to receive cutting-edge cyber security news, the latest best practices, expert analyses and outstanding interviews in your inbox each week, please sign up for the CyberTalk.org newsletter.
The post Unconsidered benefits of a consolidation strategy every CISO should know appeared first on CyberTalk.